Everything is buggy. Hardware, software, firmware, wetware. Everything.
Most of the time those bugs fall within acceptable limits. Whatever computer you're using, for example, probably has 5-20 BIOS updates, depending upon how old it is. And for most people, they can be many updates behind without problems - because the bugs fixed by later versions either don't impact them or aren't catastrophic.
Sometimes bugs are more serious, and need to be fixed before something can be shipped / sold. It would suck to manufacture a million USB thumbdrives, for example, then be forced to throw them out at a loss because of a bug that surfaced. The manufacturer would be much better off if they were able to compensate for the bug (and firmware can often compensate for hardware problems, not just firmware problems).
So the general rule is to design systems that have a little update-ability, even if the normal lifecycle of the product isn't expected to require it.
Because everything is buggy.
WhiteWinterWolf asks this followup question in the comments:
In the Black Hat presentation by Karsten Nohl and Jakob Lell, the
solution presented as the most simple and effective one would be to
lock the firmware down at the factory, blocking any firmware
update. Following your answer, do you think that such possibility
would therefore be not very realistic "in the real world"?
Now we're purely into speculation territory. Here's my opinion:
Locking the firmware is a technical solution, but it's one that will only be embraced at the very low end (cheap, throwaway devices) and the very high end (security-focused marketing). The vast middle will continue to ship writable devices because the business case edges out the security case.
Let me tell you how I got there:
Locking the firmware has positive (increased security) and negative (inability to update to correct issues as described above) impacts.
At the very low end - where you can buy an 8 GB thumb drive for $2 - the inability to update is less of a problem. In all likelihood, the manufacturer is relatively generic, and won't mind the PR hit for having a buggy device that can't be updated. And at that price, consumers are more likely to toss it in the trash and buy something else than they are to look for an update.
So the security benefit outweighs the business cost at the low end. (Whether low end manufacturers can be convinced to take such a simple step is another question; by definition, they care less about the consumer, because they're not building brand loyalty).
At the other end of the spectrum, there are companies who market themselves as security-before-everything-else providers. IronKey, for example, sells devices that wipe themselves if the wrong password is entered too many times, and which are baked in epoxy to prevent physical access. For them to offer the trade-off of locked firmware (no updates, but less insecurity) is fine - that's their value proposition. Their customers would rather throw expensive devices away than have security risks that could be avoided.
As for everyone between those two extremes...
Picture a presentation being given around a board room. The presenter says, "We can improve our client's security, against a very unusual niche attack, by locking our hardware so that updates aren't possible. There is a possibility this could cause high rates of product returns, negative publicity, and general damage to our brand. We are here to decide whether to protect ourselves or a small, unknown subset of our customer base against an unknown potentiality."
They're going to vote to do the right thing for the company, not for the hypothetical individual customer. And they're going to keep shipping things they can update.
Just my 2 cents (which is good enough to buy a 256 MB thumb drive these days).