[boring_twenties]

The part that can't be removed still has had critical security vulnerabilities, though.

[floatboth]

But how would anyone interact with that part?

If it has no NIC access and the OS doesn't have access to it because it's not hanging on PCIe anymore, so if it's only there for system bringup, it's essentially sealed off from the world.

[boring_twenties]

It might require physical access, as with https://www.intel.com/content/www/us/en/security-center/advi... but that's still pretty bad as it allows for rootkits completely undetectable from the OS environment.