According to an advisory by Vectra, access tokens for other Teams users can be recovered, allowing attackers to move from a single compromise to the ability to impersonate critical employees, but Microsoft isn’t planning to patch.