With FIDO, the user doesn't manually enter a 2FA token into a form field. Instead they press a button or something which directly transmits the token over SSL to the authentication server.
MITM is still possible, but there are other ways to combat that, such as TLS Channel IDs [1] or Bearer Tokens [2].
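
A sketch of the relying-party check that TLS Channel ID binding makes possible, added here as an illustration and not part of the original comment. Assumptions: the field names `challenge`, `origin` and `cid_pubkey` follow U2F client data, an HMAC stands in for the authenticator's signature so the code needs only the standard library, and all function names and values are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample values. HMAC with a shared key stands in for the
# authenticator's signature (assumption made to stay stdlib-only).
DEVICE_KEY = b"constructed-device-key"
EXPECTED_ORIGIN = "https://login.example.com"


def sign_client_data(client_data: dict) -> tuple[bytes, bytes]:
    """Authenticator side: sign the client data the browser assembled."""
    raw = json.dumps(client_data, sort_keys=True).encode()
    return raw, hmac.new(DEVICE_KEY, raw, hashlib.sha256).digest()


def verify_assertion(raw: bytes, sig: bytes, challenge: str, tls_channel_id: str) -> str:
    """Relying-party side: return "ok" or the reason for rejection."""
    expected = hmac.new(DEVICE_KEY, raw, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return "bad signature"
    data = json.loads(raw)
    if data.get("challenge") != challenge:
        return "stale or foreign challenge"
    if data.get("origin") != EXPECTED_ORIGIN:
        return "origin mismatch"
    # Channel binding: the key the browser reported inside the signed data
    # must be the one the server saw on its own TLS connection.
    if data.get("cid_pubkey") != tls_channel_id:
        return "channel id mismatch"
    return "ok"


def run_scenarios() -> dict:
    challenge = "c3f1-constructed-challenge"
    browser_cid = "cid-browser"  # channel ID of the user's browser
    proxy_cid = "cid-proxy"      # channel ID of a TLS-terminating middlebox
    direct = sign_client_data({"challenge": challenge, "origin": EXPECTED_ORIGIN, "cid_pubkey": browser_cid})
    lookalike = sign_client_data({"challenge": challenge, "origin": "https://login.example.net", "cid_pubkey": browser_cid})
    return {
        "direct": verify_assertion(*direct, challenge, browser_cid),
        "relayed": verify_assertion(*direct, challenge, proxy_cid),
        "lookalike_origin": verify_assertion(*lookalike, challenge, proxy_cid),
    }


if __name__ == "__main__":
    print(run_scenarios())
```

The relayed case carries a valid signature and the correct origin, and is rejected only because the server's TLS connection terminates at a different key than the one the browser signed over.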