Twilio Changelog

Additions and changes to the Twilio platform

CVE-2020-24655 - A race condition in the Twilio Authy 2-Factor Authentication Application allowed a user to potentially approve/deny an access request prior to unlocking the application with a pin on older Android devices, effectively bypassing the PIN requirement. This issue has been fixed as part of the 24.3.7 Release of the Twilio Authy App. Other operating systems (iOS, MacOS, Linux and Windows) are not affected by this vulnerability.

See 24.3.7 release details here.