Everyone who sells systems knowingly sells exploitable ones, unless the sellers are naive. Every system you and I deliver to our customers/users is exploitable.
Personally, I hesitate more than most because of the technical reasons you cite, but even turning on a computer is a risk. Probably this isn't the greatest risk to a business' IT.
I agree completely, many many companies are totally fine with accepting that risk due to the trade-off for ease of manageability. But I'm really not, in no small part because the overhead to managing a few computers is totally different than a large corporation with thousands of machines. I just wish my vote counted to Intel (or AMD for that matter), and I could completely disable ME because I'd rather the more difficult management of machines over the much larger attack surface.
Of course it all seems to lead back to monopolies/duopolies being bad for the average consumer. Who knew?
> I just wish ... I could completely disable ME
You might find this useful: