Not sure how common firmware attacks are. But I believe they have been around for 20 years. Same goes for bios. And IMO it just keeps getting worse not better. Most public case in recent times is hacking teams malware for uefi bios. Which they are in the business of selling such malware, and we can assume hacking team is just one of many groups like that. We should also assume its possible to inject it remotely.
AEM won't prevent something like that from happening, but it would hopefully let you know it has happened. Which I then guess means you would have to replace your hardware.
unfortunately, especially with modern machines, these things can happen even without any os and there isn't much we can do about it. either by physical access or even remote. But when it comes to doing things through the o/s, qubes would be way more secure.