1. What actually happened or you saw:
An absence of firmware-detailing data.
2. What you wanted to happen or see:
Something like a CIS functionality that scans and shows details about the firmware; and if it is possible, also check the firmware for malware.
3. Why you think it is desirable:
Because firmware is the deepest layer where a malware can sit itself, so if CIS can do something about it it will be good.
I may add up, that some “custom firmware” implemented in “USB Storage Devices” can make Windows system believe it is a “Keyboard.”
Therefore, all you need is walk in someone’s computer to install “hacking/cracking” programs bundled with it without the need of an “Administrator” account.
Cool eh? See details of this exploit done by the “Red Team” (search with Google).