Impact
The vulnerability occurs when the mobile_open_url tool in the mobile-mcp server passes user-supplied URLs directly to Android's intent system without validating the URL scheme. Because the scheme is never checked, an attacker can trigger arbitrary Android intents, including actions that place phone calls, send SMS messages, execute USSD codes, or access content providers. The weakness is classified as CWE-939 (Improper Authorization in Handler for Custom URL Scheme). Consequently, an attacker could abuse this behavior to initiate privileged actions or exfiltrate data from the device, threatening confidentiality, integrity, and potentially availability if the intent triggers disruptive operations.
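As an added example (not mobile-mcp's own code, and not necessarily how version 0.0.50 fixed it), the kind of scheme allow-list the advisory describes as missing: only web URLs are accepted before the URL is handed to the standard `adb shell am start -a android.intent.action.VIEW -d` invocation, and the adb arguments are kept as an array rather than a shell string. The function names and the device serial are hypothetical.

```javascript
// Added example, not mobile-mcp's code: validate a user-supplied URL before it
// reaches Android's intent system. Uses Node's global WHATWG URL parser.

// Only web URLs pass. tel:, sms:, content:, intent:, file: and custom app
// schemes are rejected, because a VIEW intent on those resolves to handlers
// (dialer, messaging, content providers) far outside a browser.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

/**
 * Returns { ok: true, url } with the normalized URL, or
 * { ok: false, reason } explaining the rejection.
 */
function validateOpenUrl(input) {
  if (typeof input !== "string" || input.length === 0) {
    return { ok: false, reason: "url must be a non-empty string" };
  }
  // Whitespace and control characters are rejected up front; the URL parser
  // would silently strip some of them, and they could split a command line.
  if (/[\s\x00-\x1f\x7f]/.test(input)) {
    return { ok: false, reason: "url contains whitespace or control characters" };
  }
  let parsed;
  try {
    parsed = new URL(input); // throws on scheme-less or malformed input
  } catch {
    return { ok: false, reason: "url is not absolute or is malformed" };
  }
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) {
    return { ok: false, reason: `scheme ${parsed.protocol} is not allowed` };
  }
  if (parsed.hostname === "") {
    return { ok: false, reason: "url has no host" };
  }
  return { ok: true, url: parsed.href };
}

/**
 * Build the adb argument vector (for child_process.execFile, never a joined
 * shell string) that opens a validated URL. Returns null on rejection.
 */
function buildOpenUrlArgs(input, deviceSerial) {
  const result = validateOpenUrl(input);
  if (!result.ok) return null;
  return ["-s", deviceSerial, "shell", "am", "start",
          "-a", "android.intent.action.VIEW", "-d", result.url];
}
```

A rejected URL should be logged with its reason; a tool server that sees tel: or content: URLs arriving at an open-URL endpoint is seeing probing worth alerting on.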
Affected Systems
The flaw affects the mobile-mcp component of the Mobile Next suite from the mobile-next vendor. Any installation of mobile-mcp prior to version 0.0.50 is vulnerable. The affected environment is typically a Node.js-based server that drives Android devices through the mobile_open_url interface. Exact system configurations are not detailed, but all users running a vulnerable version of mobile-mcp in a mobile development or automation context are at risk.
Risk and Exploitability
The CVSS score of 8.3 indicates high severity, while the EPSS score below 1% suggests that exploitation is currently unlikely; the flaw nonetheless remains serious. It is not listed in the CISA KEV catalog. The likely attack vector is remote, through any channel that lets an attacker supply a crafted URL to the mobile_open_url endpoint, such as a web request or an automated device command. Exploitation requires no special privileges on the server but relies on the attacker's ability to inject malicious input into the target's environment.
OpenCVE Enrichment