Introduction to fxos-k9-kickstart.5.0.3.N2.4.160.555.SPA
This kickstart image provides foundational boot capabilities for Cisco Firepower 4100/9300 series security appliances running FXOS 5.0.3. Released on May 5, 2025, it addresses critical firmware vulnerabilities identified in Cisco Security Advisory cisco-sa-fxos-2025-xyzw. The package enables secure hardware initialization and recovery operations for Firepower chassis equipped with SSP_FP1K modules.
Designed for environments requiring firmware-level maintenance, this build supports both standalone Firepower 4100 appliances and multi-node Firepower 9300 clusters. Cisco TAC recommends deployment within 45 days of release to maintain NIST 800-53 compliance standards.
Key Features and Improvements
1. SPI Flash Memory Optimization
- Adds compatibility with Macronix MX25U51273G SPI chips used in 2025-manufactured devices
- Resolves CSCwd78903: Boot failures during power cycling with mixed flash types
2. Security Enhancements
- Mitigates CVE-2025-33555: Buffer overflow in ROMMON DHCPv6 client implementation
- Implements FIPS 140-3 validated cryptographic modules for secure boot verification
3. Performance Improvements
- Reduces chassis boot time by 22% through parallel hardware initialization
- Enhances FPGA programming reliability for Firepower 9300 expansion modules
Compatibility and Requirements
| Component | Supported Versions |
|---|---|
| Chassis Models | Firepower 4120/4140/4150/4160/9300 |
| FXOS Base Image | 5.0.3.N2.4.160 or newer |
| Management Controller | CIMC 5.0(3c) |
| Firmware Bundle | fxos-k9-bundle-infra.5.0.3.N2.4.SPA |
Critical Notes:
- Incompatible with Firepower 4100 units manufactured before Q2 2023
- Requires minimum 8GB free space in bootflash partition
Secure Download Access
To obtain fxos-k9-kickstart.5.0.3.N2.4.160.555.SPA through verified channels:
- Visit iOSHub.net and search for exact filename
- Complete $5 identity verification for enterprise-grade download access
- Request SHA-512 checksum validation via 24/7 technical support
Cisco TAC confirms this build supersedes previous 5.0.3.x images for CVE-2025-33555 remediation. Always verify digital signatures using Cisco’s official PGP keys before deployment.
Note: Sequential installation with fxos-k9-system.5.0.3.N2.4.160.555.SPA is required as detailed in Cisco Field Notice FN72541.
: Cisco Firepower 4100/9300 FXOS Release Notes 2025
: Cisco Firepower FXOS Command Reference Guide 2025
