Are DVDs vulnerable to firmware malware (and assorted questions)?
You have quite a few different questions in here. Let's try to answer them.
Are DVD drives & SATA infrastructure vulnerable like badusb
The SATA protocol is used exclusively for storage, not any other class like a keyboard.
"BadUSB" is a class of frankly overhyped attacks that involve a USB device acting as a Human Interface Device (HID) like a mouse or keyboard and interacting with the computer. This is possible because the USB protocol is designed to be, well, universal. It's up to the USB slave to provide its purpose to the host, called the class. As such, a flash drive will expose itself as a mass storage device, whereas a keyboard will expose itself as a HID. The problem stems from the fact that a flash drive, if reprogrammed or designed maliciously, can tell the host it is a HID and the host will happily accept keystrokes from it. This is not an issue with SATA because it is designed exclusively for data transfer. A SATA device cannot tell the host that it is a keyboard.
or even spreading to other hardware such as NIC, RAM, CPU, BIOS once infected?
DVD/CD goes over SATA, which does not have (arbitrary) DMA capabilities.
This would require a DMA attack, which requires a feature on the PCI bus called bus master, a PCI configuration bit, set through privileged software on the host and stored in registers on the device. A hardware driver can enable the bus master bit for a given PCI device, allowing it to access any system memory it wants, and that is the case with the SATA hub. However, a DVD player does not control the SATA hub directly, but rather communicates with it. The limitations of the SATA protocol affect how dangerous such a drive can be, and since SATA requires driver support for performing arbitrary DMA on behalf of the client, a malicious DVD drive cannot write to arbitrary memory without it being allowed by the driver. What happens is, the SATA client (the DVD drive) communicates over the link to the SATA hub (built into the ICH on modern systems), giving it the data the host requested. The hub, which is a virtual PCI device, then uses DMA (usually called UDMA for mass storage devices) to write the data to the host. The client usually cannot tell the hub where it wants the data written, only what data to write.
Note that it may be possible in some circumstances for a client SATA device to DMA directly onto the host, according to section 10.3.7 of the SATA standard. Whether or not a given driver allows this, your system's I/OMMU should, with proper DMAR tables in your BIOS, isolate this DMA.
Do DVDs have any sector like MBR or GPT that can be programmed to give commands, have access to the kernel, core file system which could be exploited to hack within the instant the disc is loaded?
Any partition can contain a MBR/GPT, but you have to boot from it for it to do anything.
MBR and GPT are features of any bootable partition, regardless of medium. MBR is just a bit of data (a flat executable and the partition table) that fits on the first 512 byte sector of a bootable partition and nothing more. If you were to use a DVD with a bootable partition, it could have an MBR that behaves like this, but this is not present on the average DVD and you would have to boot from it for it to have any effect anyway. Disable booting from the DVD drive in your BIOS to be sure!
Also, would a strong anti-virus/ firewall protect against any hardware-based live attacks, such as badusb, or if an inserted a disk, DVD drive can be hacked?
Antivirus programs only scan files, not hardware. Firewalls only restrict the network.
No. Antivirus is designed for scanning malicious files, and it has two modes of operation. First, it can do signature-based detection where it looks for known strings in files that are unique to malware. This is very fast and tends not to have false positives but it is easy to defeat (just modify the malware slightly) and requires foreknowledge of the malicious software. The second technique is heuristic detection, where a set of "sketchy" actions by an executable are flagged. For example, if an executable uses internal encryption, and immediately after being opened it downloads another executable from the internet and sets the hidden flag on that file, those red flags all add up and antivirus software will block the action. This is slower and tends to result in false positives, but it can detect (at least a fraction of) unknown malware. While it is more effective at detecting new malware than signature-based detection, it can be evaded. Antivirus does not even consider hardware attacks as part of their threat model. As for a firewall, they are just for restricting networking access, not detecting malware. Firewalls are a completely different technology.
Would it be possible for DVD/CD to have TDSS-like stealth hidden file-system?
A DVD does not have any filesystem. It is up to the OS to format it with a filesystem.
A DVD/CD is just a blank medium. In theory, a specially designed DVD drive and a specially designed DVD could store a secondary, hidden filesystem, but this does not happen in practice. When using a regular DVD drive, it's up to the OS to format the disc with whatever filesystem provides the necessary features. The normal format for storage DVDs is usually iso9660 or UDF, and they do not support hidden filesystems.
Do blank CDs/DVDs from reputable companies like Sony, Verbatim, Moser Baer have encrypted firmware?
The actual discs are just a dumb medium for data storage with no firmware.
DVDs themselves do not contain firmware any more than the physical platters in a hard drive contain firmware. They are just "dumb" discs with a special design that allows one or more layers of a substance to change reflectivity when hit with a strong enough beam. DVD drives have firmware, however, and it can only be updated using special privileged commands on the host. I am not aware of any DVD drives which allow firmware updates directly from discs (though they might exist). Whether or not it is encrypted, I don't know, but I would guess that it is not and is instead obfuscated/encoded. It most likely uses something simple like Huffman encoding which can be broken with enough time and effort. The reverse engineering would be the real challenge, though.
I should note that a malicious DVD drive may be able to do some nasty things, such as modifying data before giving it to you. If you execute a file off a DVD and the drive is malicious, it can give you a malicious file, same way a router could if you downloaded an executable from the network. A SATA device is nothing more than a small computer with huge storage serving requests over a high-bandwidth, low-latency network. Treat it as such.
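Added example (not part of the original answer): a host-side audit of the bus master bit discussed above, showing that it belongs to PCI functions such as the SATA controller and not to the drive behind it. It assumes Linux sysfs paths (`/sys/bus/pci/devices`, `/sys/kernel/iommu_groups`); the device addresses and IDs in the sample tree are constructed.

```python
import struct
from pathlib import Path

BUS_MASTER = 1 << 2    # PCI command register (offset 0x04), bit 2: Bus Master Enable
CLASS_NAMES = {(0x01, 0x06): "SATA controller",
               (0x02, 0x00): "Ethernet controller",
               (0x0C, 0x03): "USB controller"}

def parse_header(cfg: bytes) -> dict:
    """Decode the PCI configuration header fields that matter for DMA."""
    if len(cfg) < 16:
        raise ValueError("need at least the first 16 bytes of config space")
    vendor, device, command = struct.unpack_from("<HHH", cfg, 0)
    subclass, base = cfg[0x0A], cfg[0x0B]
    return {"id": f"{vendor:04x}:{device:04x}",
            "class": CLASS_NAMES.get((base, subclass), f"class {base:02x}{subclass:02x}"),
            "bus_master": bool(command & BUS_MASTER)}

def scan(root="/sys/bus/pci/devices") -> dict:
    """Map PCI address -> decoded header for each device in a sysfs-style tree."""
    return {cfg.parent.name: parse_header(cfg.read_bytes()[:64])
            for cfg in sorted(Path(root).glob("*/config"))}

def dma_capable(devices: dict) -> list:
    """Addresses of the functions the driver has allowed to master the bus."""
    return [addr for addr, dev in devices.items() if dev["bus_master"]]

def iommu_active(groups="/sys/kernel/iommu_groups") -> bool:
    """On Linux, populated IOMMU groups indicate an IOMMU driver is active."""
    path = Path(groups)
    return path.is_dir() and any(path.iterdir())

def sample_config(vendor, device, command, base, subclass) -> bytes:
    """Constructed 64-byte header for offline use; the IDs are made up."""
    cfg = bytearray(64)
    struct.pack_into("<HHH", cfg, 0, vendor, device, command)
    cfg[0x0A], cfg[0x0B] = subclass, base
    return bytes(cfg)

def write_sample_tree(root) -> None:
    """Lay out two constructed devices the way sysfs does: <address>/config."""
    samples = {"0000:00:1f.2": sample_config(0x1234, 0x0001, 0x0007, 0x01, 0x06),
               "0000:00:1d.0": sample_config(0x1234, 0x0002, 0x0003, 0x0C, 0x03)}
    for addr, cfg in samples.items():
        (Path(root) / addr).mkdir(parents=True, exist_ok=True)
        (Path(root) / addr / "config").write_bytes(cfg)
```

On a real host, `dma_capable(scan())` lists the PCI functions that can master the bus, and `iommu_active()` tells you whether their DMA is being remapped.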
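Added example (not part of the original answer): a check of a disc image for the boot structures described in the MBR/GPT section, decoding the 512-byte first sector into its signature, boot code area and partition table. It goes beyond the MBR case by also walking the ISO 9660 volume descriptors for an El Torito boot record, which is how optical media are normally made bootable; the sample images are constructed in `build_sample`, not read from a real disc.

```python
import struct

SECTOR, ISO_SECTOR = 512, 2048   # MBR sector size, ISO 9660 logical sector size

def inspect_mbr(image: bytes) -> dict:
    """Decode sector 0: boot signature, boot code area and the four partition slots."""
    sector = image[:SECTOR].ljust(SECTOR, b"\x00")
    signature = sector[510:512] == b"\x55\xaa"
    partitions = []
    for i in range(4):
        entry = sector[446 + 16 * i: 462 + 16 * i]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:                      # type 0 marks an unused slot
            partitions.append({"active": entry[0] == 0x80, "type": entry[4],
                               "lba_start": lba_start, "sectors": count})
    # Bytes 0..445 hold the flat executable; it only matters with a valid signature.
    return {"signature": signature, "boot_code": signature and any(sector[:446]),
            "partitions": partitions}

def has_el_torito(image: bytes) -> bool:
    """Walk ISO 9660 volume descriptors from sector 16 looking for a boot record."""
    offset = 16 * ISO_SECTOR
    while offset + ISO_SECTOR <= len(image):
        vd = image[offset: offset + ISO_SECTOR]
        if vd[1:6] != b"CD001" or vd[0] == 255:   # not ISO 9660, or set terminator
            return False
        if vd[0] == 0 and vd[7:39].rstrip(b"\x00") == b"EL TORITO SPECIFICATION":
            return True
        offset += ISO_SECTOR
    return False

def descriptor(vtype: int, ident: bytes = b"") -> bytes:
    """Constructed volume descriptor: type, 'CD001', version 1, identifier."""
    head = bytes([vtype]) + b"CD001\x01" + ident.ljust(32, b"\x00")
    return head.ljust(ISO_SECTOR, b"\x00")

def build_sample(bootable: bool) -> bytes:
    """Constructed disc image (not a real disc): plain data disc or bootable hybrid."""
    system_area = bytearray(16 * ISO_SECTOR)
    descriptors = [descriptor(1)]                  # primary volume descriptor
    if bootable:
        system_area[0:2] = b"\xeb\xfe"             # placeholder boot code
        system_area[446:462] = struct.pack("<B3sB3sII", 0x80, b"", 0x17, b"", 0, 4096)
        system_area[510:512] = b"\x55\xaa"
        descriptors += [descriptor(0, b"EL TORITO SPECIFICATION")]
    return bytes(system_area) + b"".join(descriptors) + descriptor(255)

if __name__ == "__main__":
    for flag in (False, True):
        print(flag, inspect_mbr(build_sample(flag)), has_el_torito(build_sample(flag)))
```

To check a real disc image, pass the first 64 KiB or so of the file to both functions; a data-only disc should report no signature and no boot record.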