Cr50 is quite different from the Infineon et al TPM item commonly found in x86 boxes. It is able to rewrite AP and EC firmware, overriding the advertised write-protect feature; access the microphone; etc.

No reason to take my word for it: I recommend to read Google's source, I have linked to the most interesting routines.