MacDirtyCow is a security vulnerability in macOS and its derivatives that allows an attacker to gain root privileges on an affected system. Ian Beer of Google Project Zero uncovered CVE-2022-46689.
MacDirtyCow is a new method for installing Jailbreak tweaks without Cydia/Sileo. The Dirty Cow exploit offers plenty of new features, similar to the Dirty COW vulnerability in Linux. A privilege escalation issue in the Linux Kernel has been known as Dirty C0w (CVE-2016-5195) for a long time. Now using CVE-2022-46689, the developers have created the macOS equivalent of the Dirty Cow Bug, operating the testcase extracted from Apple’s XNU source, gaining root access on macOS 13.0.1
This modified MacDirtycow exploit allows users to change the Lock Screen’s icon animation, customize system fonts, silence the shutter sound, access the File Manager, hide the Home Bar, hide the Dock, and more.
The vulnerability is caused by a race condition in how macOS’s XNU kernel handles copy-on-write (COW) operations on memory pages. This means the memory page of macOS is marked as read-only due to security protection, but if the system needs to run a write operation, the kernel will create a new copy of the page and replace it. However, a small time gap exists between the read-only page being checked and the latest copy being made. So an attacker can modify the page in memory, effectively bypassing the read-only restriction.
DirtyCow Compatibility
iOS Versions :
- iOS 16.1.2, 16.1.1, 16.1, 16.0.3, 16.0.2, 16.0.1, 16
- iOS 15.7.1, 15.7, 15.6.1, 15.6, 15.5, 15.4.1, 15.4, 15.3.1, 15.3, 15.2.1,15.2, 15.1.1, 15.1, 15.0.2, 15.0.1, 15
- iPadOS 16.1.2 – iPadOS 15
Note – This vulnerability has been fixed with the iOS 15.7.2 and iOS 16.2 releases.
But if you are on iOS 15.7.2 – iOS 18.4.1, you can use the dirtyZero app that uses the newly released CVE-2025-24203.
Device Models :
- iPhone 14 series,
- iPhone 13 series,
- iPhone 12 series,
- iPhone 11 series,
- iPhone 8, iPhone 8 Plus, iPhone X, iPhone 7 and iPhone 7 Plus, iPhone 6S, iPhone 6S Plus, iPhone SE, iPhone 6, iPhone 6 Plus
- iPadOS 16 running iPad Pro (all models), iPad Air (3rd & later), iPad (5th & later), iPad mini (5th & later), iPad (2018, 6th generation), iPad (2019, 7th generation), iPad Pro 10.5″ (2017), iPad Pro 12.9″ 2nd Gen (2017), iPad (2017) 5th Generation, iPad Pro (12.9 in.) 1st generation, iPad Pro (9.7 in.), iPad mini 4, iPad Air 2
Download MacDirtyCow
You can install MacDirtyCow both Online/No PC and offline. However, Apple’s server blocks the online plist files due to restrictions.
If you are familiar with the Misaka Tweak manager, it now supports installing the MacDirtyCow app from it.
How to Install MacDirtyCow IPA File.
AltStore
AltStore is an iOS app that allows you to sideload IPA files onto your device using your Apple ID. It re-signs apps with your developer or Distribute certificate, supporting iOS 12.2 – iOS 18. x
Install the IPA file with the AltStore Tool
Sideloadly
Sideloadly, a best Cydia Impactor alternative, works on Windows and macOS. That is also compatible with iOS 11 – iOS 18.5 and Up.
Install IPA file with the Sideloadly Tool
TrollStore
TrollStore is a permasigned jailbroken iOS app that can permanently install any IPA app, compatible with iOS 15.0 – 15.6 (RC), and iOS 14.0 – 14.8.1. It works by using another AMFI/CoreTrust bug to verify that the root certificate is used to sign the app and not revoke it.
Install IPA file with TrollStore Tool
ESign
ESign is a free signer tool that allows you to sign apps with your own certificates and install them on your iPhone or iPad.
