It seems OEM apps with their high level of access and poor security is a gift that keeps on giving, at least to the hacker community.
The latest is the Nokia Network Setup App, which has a vulnerability which could allow an Interop Unlock, which gives full access to the device at a root level, to be achieved by deploying a specially crafted provisioning file.
The vulnerability and associated exploit was discovered by Heathcliff74 on XDA-Developers is is still in testing.
Update: Nanapho.jp reports that after the exploit has been made public Nokia has unpublished Nokia Network Setup from Marketplace. The XAP can still be downloaded, but can now no longer be installed.
Read more on XDA-Developers here.