Its stuff like this. Phone recieves message, runs code embedded in msg for nfi reason why literally starting off the chain of events/exploits to hack yo device.
We've had a few of these types of entry points in phones now over the years. Enough that if its still happening its probably by design as a favor to a 3 letter agency.
can you think of any CCC presentations which explain this?