Security researchers say an uncorrected flaw in a vote-counting machine used in 23 U.S states leaves it vulnerable to hacking 11 years after the manufacturer was alerted to it.

The finding was highlighted in a Thursday report summarizing attention-grabbing voting technology research at the September DefCon hacker convention in Las Vegas, which highlighted numerous security problems with election equipment.

The M650 high-speed ballot scanner at issue is made by Election Systems & Software, the nation’s leading elections equipment vendor.

Researchers say an infected scanner could potentially swing an election.

But the Nebraska-based manufacturer said it would be extraordinarily difficult to hack the M650 in a real-world environment.