What you state is provably wrong. Consent and objection to legitimate interest are two different things, in the eyes of GDPR, and are managed separately in privacy banners:
Navigate to a website of your choice [1]. Let's assume its privacy banner is served by onetrust.
The text at the top of their "Privacy Center" says, verbatim, "We share this information with our partners on the basis of consent and legitimate interest. You may exercise your right to consent or object to a legitimate interest"
If you then unfold the "Manage Consent Preferences" you will notice that you can, _separately_, provide your consent for a given purpose, by sliding the switch to the right to enable it, and also, _at the same time_, "Object to Legitimate Interests" by clicking on the button labeled so.
Of course, this is a dark pattern to make it as cumbersome as possible to object to Legitimate Interest purposes.
Navigate to a website of your choice [1]. Let's assume its privacy banner is served by onetrust.
The text at the top of their "Privacy Center" says, verbatim, "We share this information with our partners on the basis of consent and legitimate interest. You may exercise your right to consent or object to a legitimate interest"
If you then unfold the "Manage Consent Preferences" you will notice that you can, _separately_, provide your consent for a given purpose, by sliding the switch to the right to enable it, and also, _at the same time_, "Object to Legitimate Interests" by clicking on the button labeled so.
Of course, this is a dark pattern to make it as cumbersome as possible to object to Legitimate Interest purposes.
[1] (I took vox dot com as an example.)