For those folks who run Fortinet Devices:
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
The vulnerability has already been exploited in the wild.
CVSSv3 score is 9.3 with a rating of Critical so patch as soon as possible.
More info: PSIRT Advisories | FortiGuard