Ref# ADV2024_342 | Date: Oct 7th 2024

---

Drupal has published a security advisory highlighting vulnerabilities in the following product on October 2nd, 2024. It is recommended that you take the necessary precautions by ensuring your products are always updated.

• Two-factor Authentication (TFA) module – versions prior to 1.8.0

For more information on this update, you can follow this URL:

• Two-factor Authentication (TFA) – Critical – Access bypass – SA-CONTRIB-2024-043

The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.

PDF Download: ADrupal Security Advisory

References

• Drupal Security Advisories. (October 2nd, 2024). Retrieved from Drupal. https://www.drupal.org/security
• Drupal Security Advisory. (October 3rd, 2024). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av24-559