I know of two Intel ME rootkits that didn’t involve Intel AMT; the latter can be enabled/disabled on “vPro” chips. One rootkit was from 2009 and seems less relevant now; the more recent of the two was by and at Black Hat Europe 2017: How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine (application/pdf).
Without AMT, they required physical access. Most PCs are woefully unprepared against the sorts of attacks enabled by physical access, and ME is only one entry in a long list of issues.