ACME clients should use the intermediate certificate provided by the ACME server when getting a certificate.
That said, the certificates actually do contain the issuer certificate embedded in it, but not every SSL client uses that information to download the extra certs required.
By having a backup CA. Never ever have a single point of failure for such critical devices (probably without easy upgrade capabilities).
No, the firmware should not pin intermediate certificates as if it were root certificates. We're talking about intermediate certificates served by the webserver here, not which certificate is trusted.