https://www.bleepingcomputer.com/news/security/apple-imessage-flaw-lets-remote-attackers-read-files-on-iphones/

An iMessage vulnerability patched by Apple as part of the 12.4 iOS update allows potential attackers to read contents of files stored on iOS devices remotely with no user interaction, as user mobile with no sandbox.

The security flaw tracked as CVE-2019-8646 was discovered by Google Project Zero security researcher Natalie Silvanovich who reported it to Apple during May.