I'm assuming gaining access to the phone itself. This is probably and exploit via the WhatsAPP app that allows privilege escalation of some type.

Note: I'm in the medical field and this is not my expertise.

So Facebook are suing NSO for having hacked Apples or Googles software?

My point is once end to end encryption is enabled -- no MITM vulnearabilities should exist. Kind of like how password managers protect your password -- not even they can see it.

I think this is indicative that Facebook doesn't enable true end to end encryption so they can read messages themselves but advertise that they don't to attract the privacy dollar.

You misunderstand how end to end encryption works and what the vulnerabilities were. These are not MITM attacks. I suggest you read the article or the affidavit, they do a good job explaining what happened.