If you have the wallet backup all you need to do is decrypt it. That means guessing the password. The 2FA does not matter anymore. There is nothing to slow you down, you can make as many attempts per second as your hardware allows. Also the password guessing can be done in parallel on multiple machines.
Given a weak password it will crack.
Well... guessing both the passwords (1st password and 2nd password) will take a hell lot of effort. But if there is a keylogger in the system stealing the passwords, then it is quite easy.