...and if the article's claims aren't true, there wouldn't be any sources to confirm the claims at all. The evidence we've been presented with so far (no sources) is consistent with both possibilities. When you make a claim as big as SemiAccurate did, it's on you to provide sources to back it up. If you can't present any kind of proof, you don't have a story, you have a rumor.
My prediction: At the end of June, Intel announces a fix for a minor non-RCE bug in the LAN code of Intel ME. SemiAccurate proudly and inaccurately announces that it confirms their previous reporting and adds it to the list of things to mention every time they write an article about Intel. There is no follow-up Hacker News thread with 100+ comments, so most of the people who posted here continue thinking that there was a major RCE in Intel ME that we just haven't heard about because it was covered up.
Edit: Already proven wrong! We're headed for interesting times.
Devil's Advocate here, so you are assuming there is a perfectly secure software implementation in this world, and only Intel has it for their Management Engine? I get your point, SemiAccurate may or may not have an exploit, but I think it goes without saying there is a security hole somewhere in the ME, it just is not publicly known at this point.