The thing that gets me is that they are simultaneously making claims that some of those vulnerabilities can't just be fixed with a quick firmware update and that they would allow for a backdoor that could never be removed. If the flaw that allows the attacker to overwrite the firmware with their own version can't be fixed in software then how exactly is the malicious firmware supposed to prevent its own removal?

One of those claims has to be false. If an attacker can shut the door behind them so to speak then it has to be possible for AMD to do the same.