A visitor uses his iPhone X to take photos of the stage at the Apple Worldwide Developer conference (WWDC) in San Jose
Apple's iOS 14 update brings Sound Recognition feature to your iPhone. (Photo: REUTERS/Elijah Nouvelage)

A serious exists in the iPhone that could be possibly used without the owner's knowledge, according to Google security researchers.

Google staff who were tasked looking for bugs have found six flaws in Apple's iMessage text app. Researchers warned that one of the problems is still without a fix.

The problem is reportedly "interactionless," which means that the iPhone user need not do anything to allow the exploit to be used. The bugs could allow attackers to view files or crash devices.

Natalie Silvanovich, one of the researchers who discovered the vulnerabilities, described them as "interactionless," meaning they can run without the user having to do anything.

The flaws in Apple's iPhones were found by Project Zero, a program backed by Google. The group is made of security analysts whose job is to look for serious vulnerabilities in various software before hackers find and take advantage of them. The manufacturers are then given a deadline of 90 days before they make the issue public.

The issues could have been exploited in a number of ways, such as remotely accessing files or crashing devices. Because these "interactionless" bugs are in high demand for hackers, the security flaws discovered would have sold on the black market or other seedy parts of the internet for as much as $5 million apiece, according to ZDNet.

Five of the six flaws were patched in the iOS 12.4 update that rolled out last week, but the sixth bug is still open. Google has not disclosed the bug until the deadline is reached.

According to Silvanovich, one way of dealing the issue is to completely reboot the iPhone, which would lead to data loss.

"For the protection of our customers, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are generally available," a spokesperson for Apple said.

"Keeping your software up to date is one of the most important things you can do to maintain your Apple product's security."

Founded in 2014, Project Zero aims to reduce the number of people inconvenienced by targeted attacks. The program has also worked with Facebook and Microsoft in exposing vulnerabilities on their platforms and services.

ZDNet notes that bugs like these are invaluable to manufacturers of intercept tools and surveillance software, and the right buyer would likely pay millions for access to them before Apple is able to patch its software in defense. By reporting bugs like these to Apple, these researchers have done humanity a great favor.