
CVE-2025-65097: CWE-284: Improper Access Control in rommapp romm

Severity: High
Tags: Vulnerability, CVE-2025-65097, cve, cwe-284, cwe-639
Published: Wed Dec 03 2025 (12/03/2025, 19:41:33 UTC)
Source: CVE Database V5
Vendor/Project: rommapp
Product: romm

Description

RomM (ROM Manager) allows users to scan, enrich, browse and play their game collections with a clean and responsive interface. Prior to 4.4.1 and 4.4.1-beta.2, an Authenticated User can delete collections belonging to other users by directly sending a DELETE request to the collection endpoint. No ownership verification is performed before deleting collections. This vulnerability is fixed in 4.4.1 and 4.4.1-beta.2.

AI-Powered Analysis

Last updated: 12/10/2025, 20:50:47 UTC

Technical Analysis

CVE-2025-65097 is an improper access control vulnerability (CWE-284) identified in the RomM (ROM Manager) application, a tool used to manage and play game collections. The vulnerability exists in versions prior to 4.4.1-beta.2, where the application fails to verify ownership before processing DELETE requests on collection endpoints. An authenticated user can exploit this by sending a direct DELETE HTTP request targeting collections owned by other users, resulting in unauthorized deletion of their game collections. This lack of ownership verification violates access control principles and leads to potential data integrity and availability issues. The vulnerability does not require user interaction beyond authentication and is exploitable remotely over the network (AV:N). The CVSS 4.0 vector indicates low attack complexity (AC:L), no privileges required beyond authentication (PR:L), no user interaction (UI:N), and high impact on integrity (VI:H). The scope is limited to the same security scope (SI:L), and no confidentiality or availability impact is noted. The flaw is fixed in versions 4.4.1 and 4.4.1-beta.2 by implementing proper ownership checks before allowing deletion operations. No known exploits are reported in the wild yet, but the vulnerability's nature and ease of exploitation make it a significant risk for environments where RomM is deployed, especially in multi-user or shared setups.
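The flaw described above is a missing object-level authorization check: the handler confirms that the caller is authenticated and that the collection exists, but never that the collection belongs to the caller. The following is an added illustration written for this page, not RomM's own code: the in-memory store, the `User`/`Collection` shapes, the handler names and the admin bypass are all assumptions. It places the vulnerable pattern beside the hardened one so the difference is visible in a single check.

```python
"""Ownership check on a DELETE /collections/{id} handler (illustrative, not RomM code)."""
from dataclasses import dataclass


@dataclass
class Collection:
    id: int
    name: str
    owner_id: int


@dataclass
class User:
    id: int
    is_admin: bool = False  # assumed role; RomM's actual role model is not shown on the page


class NotFound(Exception):
    """The collection id does not exist."""


class Forbidden(Exception):
    """The caller is authenticated but does not own the collection."""


class CollectionStore:
    """Minimal in-memory stand-in for the application's database table."""

    def __init__(self, collections):
        self._rows = {c.id: c for c in collections}

    def get(self, collection_id):
        return self._rows.get(collection_id)

    def delete(self, collection_id):
        del self._rows[collection_id]

    def ids(self):
        return sorted(self._rows)


def delete_collection_vulnerable(store, current_user, collection_id):
    """Pre-fix pattern: authentication only, no ownership check (CWE-284 / CWE-639).

    `current_user` is accepted but never consulted, so any logged-in user can
    delete any collection whose id they can guess or enumerate.
    """
    if store.get(collection_id) is None:
        raise NotFound(collection_id)
    store.delete(collection_id)
    return {"deleted": collection_id}


def delete_collection_fixed(store, current_user, collection_id):
    """Hardened pattern: the row must belong to the caller (or the caller is an admin).

    The authorization decision is made before any state change, using the
    server-side owner_id rather than anything supplied by the client.
    """
    collection = store.get(collection_id)
    if collection is None:
        raise NotFound(collection_id)
    if collection.owner_id != current_user.id and not current_user.is_admin:
        raise Forbidden(f"user {current_user.id} does not own collection {collection_id}")
    store.delete(collection_id)
    return {"deleted": collection_id}


def sample_store():
    """Constructed data: two users, one collection each."""
    return CollectionStore([
        Collection(1, "alice favourites", owner_id=1),
        Collection(2, "bob speedruns", owner_id=2),
    ])
```

In a real deployment the ownership comparison should be expressed in the query itself (filter on both `id` and `owner_id`) so it cannot be forgotten on other verbs, and whether a cross-owner attempt returns 403 or 404 is a design choice: 404 avoids confirming that the id exists, while 403 is easier to alert on in logs.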

Potential Impact

For European organizations, this vulnerability poses a risk primarily to environments where RomM is used collaboratively or in multi-user contexts, such as gaming communities, digital libraries, or entertainment platforms. Unauthorized deletion of collections can lead to loss of user data, disruption of services, and potential reputational damage. In enterprises or educational institutions using RomM for managing game collections or digital assets, this could impact operational continuity and user trust. The integrity of user data is directly compromised, and availability is affected due to potential deletion of critical collections. Although confidentiality impact is minimal, the ability of an authenticated user to tamper with other users' data undermines security policies and could be leveraged for further attacks or social engineering. The vulnerability's exploitation requires authentication, which limits exposure but does not eliminate risk, especially if credential compromise or insider threats exist. The lack of known exploits in the wild suggests a window for proactive mitigation before active attacks emerge.

Mitigation Recommendations

1. Upgrade RomM to version 4.4.1 or later, where the vulnerability is patched with proper ownership verification.
2. Implement strict access control policies at the application and network layers to restrict DELETE requests to authorized users only.
3. Monitor application logs for unusual DELETE request patterns or attempts to access collections not owned by the requester.
4. Enforce strong authentication mechanisms and consider multi-factor authentication to reduce risk of credential compromise.
5. Conduct regular audits of user permissions and collection ownership to detect anomalies.
6. If immediate patching is not possible, deploy web application firewall (WAF) rules to block unauthorized DELETE requests targeting collection endpoints.
7. Educate users about the importance of safeguarding credentials and recognizing suspicious activity.
8. Coordinate with RomM support or vendor for any additional security advisories or hotfixes.
9. Consider isolating RomM instances in segmented network zones to limit lateral movement in case of compromise.
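Recommendation 3 above (watch for DELETE requests on collections the requester does not own) can be implemented as a simple join between the access log and an ownership snapshot from the application database. The block below is an added example for this page, not RomM tooling: the `key=value` log format and the `OWNERS` map are constructed, and RomM's real log layout and `/api/collections/{id}` path are assumptions to be adjusted to the deployment. It flags every cross-owner DELETE (a 200 means the pre-fix server honoured it; a 403 means the fix or a WAF rule blocked an attempt that is still worth alerting on) and separately reports users issuing bursts of collection deletions.

```python
"""Detect cross-owner collection deletions in access logs (added example, not RomM code)."""
import re
from collections import Counter

# Constructed log lines in a generic key=value format; not RomM's actual log format.
SAMPLE_LOG = """\
2025-12-05T10:00:01Z user=alice method=GET path=/api/collections/1 status=200
2025-12-05T10:00:05Z user=bob method=DELETE path=/api/collections/1 status=200
2025-12-05T10:00:06Z user=bob method=DELETE path=/api/collections/3 status=200
2025-12-05T10:00:07Z user=bob method=DELETE path=/api/collections/4 status=200
2025-12-05T10:01:00Z user=alice method=DELETE path=/api/collections/2 status=200
2025-12-05T10:02:00Z user=carol method=DELETE path=/api/collections/5 status=403
"""

# Constructed ownership snapshot (collection id -> owning user), e.g. exported from the app DB.
OWNERS = {1: "alice", 2: "alice", 3: "carol", 4: "carol", 5: "alice"}

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) method=(?P<method>[A-Z]+) "
    r"path=(?P<path>\S+) status=(?P<status>\d{3})$"
)
# Assumed endpoint shape; adjust to the real RomM route.
COLLECTION_RE = re.compile(r"^/api/collections/(?P<id>\d+)$")


def parse_line(line):
    """Return a dict for a well-formed line, or None for lines that do not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def collection_deletes(log_text):
    """Yield (record, collection_id) for every DELETE against a collection path."""
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec["method"] != "DELETE":
            continue
        pm = COLLECTION_RE.match(rec["path"])
        if pm:
            yield rec, int(pm.group("id"))


def find_cross_owner_deletes(log_text, owners):
    """Return (user, collection_id, status) for DELETEs where requester != owner.

    Collections missing from the snapshot are skipped rather than guessed.
    """
    findings = []
    for rec, cid in collection_deletes(log_text):
        owner = owners.get(cid)
        if owner is not None and owner != rec["user"]:
            findings.append((rec["user"], cid, rec["status"]))
    return findings


def delete_burst_users(log_text, threshold=3):
    """Users issuing at least `threshold` collection DELETEs in the log window."""
    counts = Counter(rec["user"] for rec, _ in collection_deletes(log_text))
    return sorted(u for u, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    for user, cid, status in find_cross_owner_deletes(SAMPLE_LOG, OWNERS):
        print(f"cross-owner DELETE by {user} on collection {cid} (HTTP {status})")
    print("burst deleters:", delete_burst_users(SAMPLE_LOG))
```

Because the ownership snapshot is taken after the fact, a collection that was already deleted may be absent from it; keep a periodic export (recommendation 5 above) so the join still resolves for rows that no longer exist in the live table.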


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2025-11-17T20:55:34.692Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 693096f5728fb3f62eb70502

Added to database: 12/3/2025, 8:00:53 PM

Last enriched: 12/10/2025, 8:50:47 PM

Last updated: 1/18/2026, 1:06:10 PM
