Yeah, scary shit. If Intel's management software can send out-of-band commands to trigger something in the management chip, then so can someone 'else'
You have one of those potentially insecure IoT devices sitting right in your CPU.
https://www.theregister.co.uk/2017/0...vulnerability/