Abstract:
The attack of the ‘Stuxnet’ computer worm on the Iranian nuclear program highlighted the need for cybersecurity in critical infrastructure and embedded systems. Embedded systems are evolving into the Internet-of-Things (IoT), where every device, from a light bulb to a medical implant, will be connected over the internet. This connected-world scenario requires secure communication channels to ensure information security. OpenSSL is a de facto standard for secure communication over the internet. The memory bound check failure vulnerability CVE-2014-0160 was discovered in OpenSSL on 07th Feb 2014. The vulnerability is commonly known as the Heartbleed bug, and it left more than 16% of all web servers vulnerable. The Heartbleed bug can leak 64K bytes of memory in plaintext, which may contain security keys, X.509 certificates and users' private data. OpenSSL is also used to secure connected embedded devices. The Heartbleed vulnerability has a greater impact on embedded systems/IoT because the few KBs or MBs of memory in an embedded device can be leaked in a few seconds during a well-crafted Heartbleed attack. This research demonstrates a Heartbleed attack and develops a patch for the Heartbleed vulnerability. This research also proposes an update to RFC-6520 that can be used as a Heartbleed patch for embedded systems. The memory utilization of the developed Heartbleed patch, the newly proposed Heartbleed patch and the unpatched OpenSSL code is analyzed for the STM32 Cortex-M4 microcontroller.
Published in: 17th IEEE International Multi Topic Conference 2014
Date of Conference: 08-10 December 2014
Date Added to IEEE Xplore: 30 April 2015