The Heartblees bug was discovered last year, but the vulnerability remains a problem in use today.
The new report published by security firm Black Hat suggests the flaw is more widespread.
Black Hat’s research found that Heartblee could allow an attacker to gain full control of a system, bypass any authentication checks and access any system.
This could be used to steal sensitive data from systems or install malicious software.
Black hat said the exploit could also allow the attacker to read keystrokes and send them to a remote server.
Black Hat said Heartbleez could be exploited by any user of a vulnerable system.
“A number of exploit techniques are known to work in this manner, but Black Hat believes the current HeartbleE vulnerability is unique and extremely dangerous,” Black Hat CEO Joe Fowler said in a statement.
“The Heartbleeds exploit could be leveraged by anyone to exploit and then take control of your system.”
The researchers also identified several other exploits that could potentially allow attackers to gain control of systems.
Black hats researchers also said they had identified at least two new vulnerabilities in the past few years.
One was discovered in October, which was exploited by the Chinese government to steal information from the US military and the Pentagon.
The second, a security hole found in May, allowed an attacker who knows how to find the keystroke pattern to read the keyboard and send the password to a malicious website.
Blackhat’s researchers say the vulnerability is more common now than in 2016, when Heartblex was discovered.
“These exploits were exploited to gain access to all devices connected to the system, including network and wireless networks,” Fowler said.
“This may be particularly relevant to enterprises, where some devices may be networked with others.
It is also of interest to users in the enterprise, since these devices may also be vulnerable to similar attacks.”
Black Hat also said Heartbeeps could be targeted by any malicious user.
“This is the same scenario that Heartbeep used to target other critical systems in 2016.
In addition, the Heartbeeping vulnerability also allows attackers to steal keystroks and send it to a Remote Desktop server,” Fowler added.
The Heartbeams flaw was first disclosed in November, but it was not widely known until Black Hat released its report in March.