Does CVE-2023-3824 affect the Symantec Endpoint Protection Manager?


Article ID: 272274


Updated On:

Products

Endpoint Protection

Issue/Introduction

In PHP 8.0 (prior to 8.0.30), PHP 8.1 (prior to 8.1.22), and PHP 8.2 (prior to 8.2.8), loading a PHAR file can trigger a stack buffer overflow due to insufficient length validation when reading PHAR directory entries. This may result in memory corruption or potentially allow remote code execution (RCE).

Environment

SEP 14.3 RU6 

Resolution

SEPM PHP is not vulnerable to CVE-2023-3824. Although the PHAR extension appears in the loaded module list of SEPM PHP, it is not used, and no PHAR files are loaded in SEPM.
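
The same two questions this article answers (is the PHP build older than the fixed release for its branch, and is the PHAR extension loaded) can be checked on any host from the output of `php -v` and `php -m`. The following is an added example, not Broadcom or Symantec code; the sample outputs are constructed, and the function names and status labels are hypothetical.

```python
import re

# First fixed release per branch, as stated in the article above.
FIXED = {(8, 0): (8, 0, 30), (8, 1): (8, 1, 22), (8, 2): (8, 2, 8)}

# Constructed sample output, not taken from a SEPM installation.
SAMPLE_PHP_V = "PHP 8.1.20 (cli) (built: Jun  7 2023 10:00:00) (NTS)\nCopyright (c) The PHP Group\n"
SAMPLE_PHP_M = "[PHP Modules]\nCore\ndate\nopenssl\nPhar\nstandard\n\n[Zend Modules]\n"


def parse_php_version(php_v_output):
    """Extract (major, minor, patch) from the banner line of `php -v`."""
    m = re.search(r"^PHP (\d+)\.(\d+)\.(\d+)", php_v_output, re.MULTILINE)
    if not m:
        raise ValueError("no PHP version banner found")
    return tuple(int(part) for part in m.groups())


def phar_loaded(php_m_output):
    """True if `php -m` lists the Phar extension (case-insensitive match)."""
    return any(line.strip().lower() == "phar" for line in php_m_output.splitlines())


def triage(php_v_output, php_m_output):
    """Classify a PHP build against the CVE-2023-3824 ranges in the article."""
    version = parse_php_version(php_v_output)
    fixed = FIXED.get(version[:2])
    if fixed is None:
        # The article lists only the 8.0, 8.1 and 8.2 branches.
        return "branch-not-listed"
    if version >= fixed:
        return "patched"
    if not phar_loaded(php_m_output):
        return "vulnerable-version-phar-absent"
    # Loaded is not the same as used: the remaining question is whether the
    # application ever opens a PHAR file, which is what the Resolution
    # section answers for SEPM.
    return "vulnerable-version-phar-loaded"


if __name__ == "__main__":
    print(triage(SAMPLE_PHP_V, SAMPLE_PHP_M))
```

A result of `vulnerable-version-phar-loaded` means the build needs a review of whether any PHAR files are actually loaded, or an upgrade to the fixed release for its branch.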