To answer your question: Just as an example... Maybe a future (or present) feature can be used to activate the (built-in Wifi) network adapter of my device which I carefully disabled? Maybe it works as a trigger for other software or even OS components to start the network adapter? We will not know it until the day it actually happens. That's what they call vulnerabilities/exploits.
That's the problem and the point I am trying to make. You are not supposed to have network adapters and WIFI cards present in your airgapped system. They should be physically removed. If they aren't there, a bug, vulnerability, or malware can't activate something that doesn't exist. That's why I said
properly airgapped device.
Unfortunately, we are going back to your security model again. If your security model mitigates most attack vectors, you don't need to worry what is going on with the code in the features you aren't using.