Intel's Management Engine has indeed been hacked, at least as a proof-of-concept vulnerability. This is why (after so many years of unexcitement) the IME has recently attracted a lot of public attention.
http://hackaday.com/2017/05/02/is-intels-management-engine-broken/
https://www.wired.com/2017/05/hack-brief-intel-fixes-critical-bug-lingered-7-dang-years/
https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/
http://www.tomshardware.com/news/intel-amt-vulnerability-me-dangerous,34300.html
http://securityaffairs.co/wordpress/58656/hacking/intel-management-engine.html
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/

The demonstrated hacks are profoundly disturbing since they demonstrate a potential "backdoor" embedded within every Intel chipset PCH made within the last decade. At the "baseboard" or "bare-metal" layer, the IME (theoretically) has complete priority over all onboard firmware (BIOS) and software (OS) code - essentially a "hardware-level rootkit". It's a complete black-box unit, a computer inside your computer, and (although much effort has been committed to reverse-engineering and analyzing it) nobody outside of Intel really knows exactly what capabilities it has. And it's an always-active attack surface; all it requires is motherboard power (the computer is simply plugged in, it doesn't need to be powered on) and a physical or wireless network connection.
However, the demonstrated (known) exploits all require ME components (like AMT) which are rarely, if ever, installed on consumer platforms. These components are rarely even supported and can't normally be installed or executed on non-Xeon chipsets/processors.
The presence of a TPM wouldn't be relevant. It only provides active cryptosecurity; it is still "compromised" when running underneath compromised platform logic.
Admittedly, there's not a whole lot of "hacking" potential on a powered-down computer. The drives won't spin, the RAM and NVRAM won't work - data basically can't be accessed - and unpowered processors can't process anything anyways. But there are real concerns about the possibility of a hacker injecting code onto a dormant machine which will be executed on subsequent startups.
Conspiracy theories abound, but one reality is that whether or not Intel works intimately with organizations like NSA or CIA or whatever, they must still comply with USA laws (and court orders) from such organizations which might demand technical specifics.
"All opinions are not equal. Some are a very great deal more robust, sophisticated and well supported in logic and argument than others." - Douglas Adams
[/Korth]