Apparently, the CEO of another company has vouched for the findings. At least in this case, if the report is legitimate, an attacker needs to be root or Administrator to carry out the attacks...and in one case must have physical access to the machine. There's a link in the article to an article which documents FTC involvement about ASUS routers... Interesting reading nonetheless. Something tells me, if true, AMD may not be doing business anymore with ASMedia. Especially if ASMedia inserted hardware backdoors into the chipsets without AMD's knowledge and/or approval.
Another interesting point in this is that this particular disclosure seems to be financially motivated, which could eventually evolve into extortion.