The very people making the accusations like the NSA have been caught planting malware into Cisco hardware. The BMC have their own port and embedded operating system and web console seperate from the motherboard. I had one myself for a Sun server they called it Lights Out Management.
Nobody in their right mind would have this unprotected without behind a vpn / firewall. I can tell you this gets brute forced.
The level of effort for little gain is a dead give away. If the BMC isn't even connected then this hack is useless too. I am not sure if it's part of the motherboard or a daughterboard as the Sun server's was.
I can only presume it's seperate and "isolated" although it gives you full access to the server terminal like a keyboard and monitor. To configure the bios and power cycle etc.
But what is for sure they think because it's a remote console, and mention malware plant, they think people will automatically believe them. I want to see packet inspection logs !!