The Intel Management Engine (ME) is a separate independent processor core that is actually embedded inside the Multichip Package (MCP) on Intel CPUs. It operates all-by-itself and separate from the main processor, the BIOS, and the Operating system (OS), but it does interact with the BIOS and OS kernel. It is a black box of mystery code at the lowest level, in ring -2, with complete control over every part of the system, and therefore presents a serious threat to your security and privacy, as it could be possibly exploited by a remote attacker to gain full access to your system. It is present on every post-2008 Intel CPU system.
Purism actively avoids this technology and even both disables and neutralizes it on a firmware level, thus minimizing or removing the threat entirely.